Aditya Birla Group Cryptojacked! Take These Steps Now to Safeguard Your Computer

May 16, 2018

Editor's Note: Just last week, one of India's biggest conglomerates - The Aditya Birla Group - was 'cryptojacked'. More than 2,000 computers in various group companies were attacked.

Whether you have cryptos or not, your computer is vulnerable to an attack.

So, what exactly is cryptojacking, and how can you keep your computer safe?

Prasheel Vartak's Crypto Confidential subscribers already know about this new technique used by hackers. However, I now think it is crucial for everyone to take protective measures - so, for your benefit, dear reader I've asked Prasheel to share his strategy below.

Cryptojacking - as it is called - is using someone else's computer to generate, or mine, cryptocurrency for oneself.

To put it simply, hackers and websites host sections of malicious code that have the ability to hijack your computing power towards mining cryptocurrency for the hackers' gain.

This doesn't install anything on your computer, nor does it take your consent. All it needs to do its dirty work is for you to visit a compromised website. That's it.

Once you visit a website affected by cryptojacking, this code makes your computer or mobile processor operate at full capacity which results in high electricity consumption. If you stayed for long on the website, you'd notice that your computer gets hotter and its fans get louder.

These cryptojackers are not only stealing the processing capabilities of your device, but they also make you foot the electricity bill!

As cryptojacking uses a bulk of the computing power, systems can freeze, personal data can be lost, gaps can be created that other hackers can exploit?-?all of which can negatively impact individual security and productivity.

Cryptojacking FAQs

How exactly does it work?

Cryptojacking works by embedding a JavaScript component in a website that can use a visiting device's processing power to mine a crypto.

One of the most popular tools among cryptojackers is a JavaScript plugin called Coinhive, which mines Monero - a privacy focused cryptocurrency. Notably, Monero was mined in the Aditya Birla attempt as well.

A portion of the processing power that a computer allots to a website with the Coinhive plugin goes toward the mining process, which goes to the hackers. The creators of the tool then get a 22% cut of the mined Monero.

What's the incentive?

Hackers use cryptojacking to mine cryptos (usually Monero) for themselves.

While each visitor might only do a tiny bit of mining while they're there, every user lending some computing power over time can generate real money. And users might not even notice what's happening.

Although not as valuable as bitcoin, a single Monero is worth around US $250. And it's easy to mine on a personal computer, unlike bitcoin, whose mining process usually requires large server farms. It's easy money for the hackers, without much risk or costs.

What devices are affected?

Cryptojacking affects anything that runs a browser with JavaScript. So, your desktop, laptop and even your mobile phone could be potential targets.

Will I notice if a webpage is cryptojacking?

It depends. If you are using a computer with a fast processor, you might not even notice the difference. But with other laptops or computers, the fan may start whirring louder or the device could heat up in a short time. With mobile devices, it would be difficult to notice as apps run in the background. But a slowdown or a quick battery drain could be indicative of cryptojacking.

Is it dangerous?

Cryptojacking can significantly affect the performance of your device. Especially if it is an older device. This may impact user experience as systems may freeze and personal data may be lost. In addition, it may also pump up the electricity bill.

How to protect yourself?

If you hear your computer's fan start whirring when you're visiting a website, or if the browser suddenly slows down dramatically, a cryptojacking miner may be running. If a website is mining currency with your computer, you can close simply close the webpage page to stop the activity.

Browser extensions like NoCoin can also be used to block Coinhive and other cryptojacking miners. Further, ad blocking extensions and an updated anti-virus program can help keep you protected.

But some good can come of this...

While cryptojacking may be inherently bad, it could also have a silver lining.

The concept behind Coinhive could be a potential new way for websites to earn revenue. It may even replace pesky and intruding ads which have their own problems. Site owners could inform their users about leasing their computing power in lieu for the site's content.

Many charities are beginning to implement this concept to use visitor's computing power as donations to fund projects. Visitors are told transparently about how this process works, and can choose to voluntarily donate their computing power. Notably, the UN body - UNICEF has started 'The Hope Page' which allows visitors to fund its charitable missions with their computer's processing power.

However, in the vast majority of cryptojacking scams that have surfaced, neither the website nor its users were aware that they were victims.

Thus, at this stage, it is best to stop this activity from growing, so that it can eventually be mitigated and stopped.

PS: Cryptos go up and they go down, but they are not going away. The opportunity here could still be enormous IF you can stay ahead of the game. Can you? Yes - and quite easily - if you follow crypto expert Prasheel Vartak. Click here.

ABOUT EQUITYMASTER

Since 1996, Equitymaster has been the source for honest and credible opinions on investing in India. With solid research and in-depth analysis Equitymaster is dedicated towards making its readers- smarter, more confident and richer every day. Here's why hundreds of thousands of readers spread across more than 70 countries Trust Equitymaster.

All rights reserved. Any act of copying, reproducing or distributing this newsletter whether wholly or in part, for any purpose without the permission of Equitymaster is strictly prohibited and shall be deemed to be copyright infringement.

LEGAL DISCLAIMER: Equitymaster Agora Research Private Limited (hereinafter referred as 'Equitymaster') is an independent equity research Company. Equitymaster is not an Investment Adviser. Information herein should be regarded as a resource only and should be used at one's own risk. This is not an offer to sell or solicitation to buy any securities and Equitymaster will not be liable for any losses incurred or investment(s) made or decisions taken/or not taken based on the information provided herein. Information contained herein does not constitute investment advice or a personal recommendation or take into account the particular investment objectives, financial situations, or needs of individual subscribers. Before acting on any recommendation, subscribers should consider whether it is suitable for their particular circumstances and, if necessary, seek an independent professional advice. This is not directed for access or use by anyone in a country, especially, USA, Canada or the European Union countries, where such use or access is unlawful or which may subject Equitymaster or its affiliates to any registration or licensing requirement. All content and information is provided on an 'As Is' basis by Equitymaster. Information herein is believed to be reliable but Equitymaster does not warrant its completeness or accuracy and expressly disclaims all warranties and conditions of any kind, whether express or implied. Equitymaster may hold shares in the company/ies discussed herein. As a condition to accessing Equitymaster content and website, you agree to our Terms and Conditions of Use, available here. The performance data quoted represents past performance and does not guarantee future results.